UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The Red Hat Enterprise Linux operating system must use a separate file system for the system audit data path.


Overview

Finding ID Version Rule ID IA Controls Severity
V-204495 RHEL-07-021330 SV-204495r603261_rule Low
Description
The use of separate file systems for different paths can protect the system from failures resulting from a file system becoming full or failing.
STIG Date
Red Hat Enterprise Linux 7 Security Technical Implementation Guide 2022-12-06

Details

Check Text ( C-4619r88677_chk )
Determine if the operating system is configured to have the "/var/log/audit" path is on a separate file system.

# grep /var/log/audit /etc/fstab

If no result is returned, or the operating system is not configured to have "/var/log/audit" on a separate file system, this is a finding.

Verify that "/var/log/audit" is mounted on a separate file system:

# mount | grep "/var/log/audit"

If no result is returned, or "/var/log/audit" is not on a separate file system, this is a finding.
Fix Text (F-4619r88678_fix)
Migrate the system audit data path onto a separate file system.